Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/mutt@1.5.9-2sarge2

Type deb

Namespace debian

Name mutt

Version 1.5.9-2sarge2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.0.5-4.1+deb11u3

Latest_non_vulnerable_version 2.0.5-4.1+deb11u3

Affected_by_vulnerabilities

url VCID-2jga-eah6-6bhb

vulnerability_id VCID-2jga-eah6-6bhb

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14361

reference_id

reference_type

scores

value	0.00371
scoring_system	epss
scoring_elements	0.58917
published_at	2026-04-24T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58956
published_at	2026-04-18T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58934
published_at	2026-04-21T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58814
published_at	2026-04-01T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58889
published_at	2026-04-02T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58911
published_at	2026-04-04T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58878
published_at	2026-04-07T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.5893
published_at	2026-04-08T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58936
published_at	2026-04-09T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58954
published_at	2026-04-11T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58937
published_at	2026-04-12T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58918
published_at	2026-04-13T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.58952
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url	https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/9e927affe3a021175f354af5fa01d22657c20585

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14361

reference_id

CVE-2018-14361

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14361

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14361

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jga-eah6-6bhb

url VCID-45b7-9f4d-ryac

vulnerability_id VCID-45b7-9f4d-ryac

summary

A heap-based buffer overflow in Mutt might allow remote attackers
    to cause a Denial of Service condition.

references

reference_url	http://advisories.mageia.org/MGASA-2014-0509.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0509.html

reference_url	http://dev.mutt.org/trac/ticket/3716
reference_id
reference_type
scores
url	http://dev.mutt.org/trac/ticket/3716

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00002.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9116.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9116

reference_id

reference_type

scores

value	0.03515
scoring_system	epss
scoring_elements	0.87663
published_at	2026-04-24T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87578
published_at	2026-04-01T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87587
published_at	2026-04-02T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.876
published_at	2026-04-04T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87603
published_at	2026-04-07T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87623
published_at	2026-04-08T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87629
published_at	2026-04-09T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.8764
published_at	2026-04-11T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87636
published_at	2026-04-12T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87633
published_at	2026-04-13T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87648
published_at	2026-04-18T12:55:00Z

value	0.03515
scoring_system	epss
scoring_elements	0.87646
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9116

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116

reference_url	http://www.debian.org/security/2014/dsa-3083
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3083

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:245
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:245

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2015:078
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2015:078

reference_url	http://www.openwall.com/lists/oss-security/2014/11/27/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/11/27/5

reference_url	http://www.openwall.com/lists/oss-security/2014/11/27/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/11/27/9

reference_url	http://www.securityfocus.com/bid/71334
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/71334

reference_url	http://www.securitytracker.com/id/1031266
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1031266

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1168463
reference_id	1168463
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1168463

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.5.23:::::::*
reference_id	cpe:2.3:a:mutt:mutt:1.5.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.5.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:::::::*
reference_id	cpe:2.3:o:mageia:mageia:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise_desktop:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:::::::*
reference_id	cpe:2.3:o:suse:suse_linux_enterprise_server:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-9116

reference_id

CVE-2014-9116

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-9116

reference_url	https://security.gentoo.org/glsa/201701-04
reference_id	GLSA-201701-04
reference_type
scores
url	https://security.gentoo.org/glsa/201701-04

reference_url	https://usn.ubuntu.com/2440-1/
reference_id	USN-2440-1
reference_type
scores
url	https://usn.ubuntu.com/2440-1/

fixed_packages

url pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3

purl pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3

url pkg:deb/debian/mutt@1.5.23-3

purl pkg:deb/debian/mutt@1.5.23-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3

aliases CVE-2014-9116

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-45b7-9f4d-ryac

url VCID-4hym-sx7t-qbh1

vulnerability_id VCID-4hym-sx7t-qbh1

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14355.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14355

reference_id

reference_type

scores

value	0.00748
scoring_system	epss
scoring_elements	0.73054
published_at	2026-04-01T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73187
published_at	2026-04-24T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73106
published_at	2026-04-13T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73149
published_at	2026-04-16T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73159
published_at	2026-04-18T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73151
published_at	2026-04-21T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73063
published_at	2026-04-02T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73084
published_at	2026-04-04T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73058
published_at	2026-04-07T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73095
published_at	2026-04-08T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73108
published_at	2026-04-09T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73133
published_at	2026-04-11T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73112
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d

reference_url	https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1602081
reference_id	1602081
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1602081

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14355

reference_id

CVE-2018-14355

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14355

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://access.redhat.com/errata/RHSA-2020:1126
reference_id	RHSA-2020:1126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1126

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14355

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hym-sx7t-qbh1

url VCID-4zbn-7d8g-5bgx

vulnerability_id VCID-4zbn-7d8g-5bgx

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14360

reference_id

reference_type

scores

value	0.00294
scoring_system	epss
scoring_elements	0.52718
published_at	2026-04-24T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52785
published_at	2026-04-18T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52768
published_at	2026-04-21T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52641
published_at	2026-04-01T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52685
published_at	2026-04-02T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52712
published_at	2026-04-04T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52677
published_at	2026-04-07T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52727
published_at	2026-04-08T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52722
published_at	2026-04-09T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52772
published_at	2026-04-11T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52755
published_at	2026-04-12T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52739
published_at	2026-04-13T12:55:00Z

value	0.00294
scoring_system	epss
scoring_elements	0.52777
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url	https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/6296f7153f0c9d5e5cd3aaf08f9731e56621bdd3

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14360

reference_id

CVE-2018-14360

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14360

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14360

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zbn-7d8g-5bgx

url VCID-4zs7-nyzq-zydh

vulnerability_id VCID-4zs7-nyzq-zydh

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14356.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14356

reference_id

reference_type

scores

value	0.00875
scoring_system	epss
scoring_elements	0.75224
published_at	2026-04-01T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75349
published_at	2026-04-24T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75277
published_at	2026-04-13T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75316
published_at	2026-04-16T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75323
published_at	2026-04-18T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75314
published_at	2026-04-21T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75227
published_at	2026-04-02T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75259
published_at	2026-04-04T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75236
published_at	2026-04-07T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75279
published_at	2026-04-08T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75289
published_at	2026-04-09T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.7531
published_at	2026-04-11T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75288
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82

reference_url	https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1604047
reference_id	1604047
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1604047

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14356

reference_id

CVE-2018-14356

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14356

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14356

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zs7-nyzq-zydh

url VCID-5dxq-th2e-eke5

vulnerability_id VCID-5dxq-th2e-eke5

summary

A vulnerability in Mutt and NeoMutt could lead to a Denial of
    Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32055.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-32055

reference_id

reference_type

scores

value	0.00368
scoring_system	epss
scoring_elements	0.58599
published_at	2026-04-01T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58693
published_at	2026-04-24T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58742
published_at	2026-04-16T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58746
published_at	2026-04-18T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58724
published_at	2026-04-21T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58682
published_at	2026-04-02T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58703
published_at	2026-04-04T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.5867
published_at	2026-04-07T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58722
published_at	2026-04-08T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58728
published_at	2026-04-12T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58747
published_at	2026-04-11T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58708
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-32055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32055

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1957451
reference_id	1957451
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1957451

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106
reference_id	988106
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988106

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107
reference_id	988107
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988107

reference_url

https://security.archlinux.org/AVG-1922

reference_id

AVG-1922

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1922

reference_url

https://security.archlinux.org/AVG-1923

reference_id

AVG-1923

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1923

reference_url	https://security.gentoo.org/glsa/202105-05
reference_id	GLSA-202105-05
reference_type
scores
url	https://security.gentoo.org/glsa/202105-05

reference_url	https://usn.ubuntu.com/5392-1/
reference_id	USN-5392-1
reference_type
scores
url	https://usn.ubuntu.com/5392-1/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2021-32055

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dxq-th2e-eke5

url VCID-7f9n-6yxm-zuhu

vulnerability_id VCID-7f9n-6yxm-zuhu

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14359.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14359

reference_id

reference_type

scores

value	0.03811
scoring_system	epss
scoring_elements	0.88049
published_at	2026-04-01T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88135
published_at	2026-04-24T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88105
published_at	2026-04-12T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88106
published_at	2026-04-13T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88119
published_at	2026-04-16T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88117
published_at	2026-04-21T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88058
published_at	2026-04-02T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88072
published_at	2026-04-04T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88078
published_at	2026-04-07T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88097
published_at	2026-04-08T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88103
published_at	2026-04-09T12:55:00Z

value	0.03811
scoring_system	epss
scoring_elements	0.88113
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85

reference_url	https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1604084
reference_id	1604084
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1604084

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14359

reference_id

CVE-2018-14359

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14359

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14359

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7f9n-6yxm-zuhu

url VCID-86dz-udh7-7kd5

vulnerability_id VCID-86dz-udh7-7kd5

summary

A weakness was discovered in Mutt and NeoMutt's TLS handshake
    handling

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28896.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-28896

reference_id

reference_type

scores

value	0.00096
scoring_system	epss
scoring_elements	0.26714
published_at	2026-04-01T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26488
published_at	2026-04-24T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26606
published_at	2026-04-13T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26613
published_at	2026-04-16T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26546
published_at	2026-04-21T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.2676
published_at	2026-04-02T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26801
published_at	2026-04-04T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26585
published_at	2026-04-18T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26652
published_at	2026-04-08T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26703
published_at	2026-04-09T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26707
published_at	2026-04-11T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26663
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-28896

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28896

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1900826
reference_id	1900826
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1900826

reference_url	https://security.archlinux.org/ASA-202011-24
reference_id	ASA-202011-24
reference_type
scores
url	https://security.archlinux.org/ASA-202011-24

reference_url	https://security.archlinux.org/ASA-202011-25
reference_id	ASA-202011-25
reference_type
scores
url	https://security.archlinux.org/ASA-202011-25

reference_url

https://security.archlinux.org/AVG-1288

reference_id

AVG-1288

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1288

reference_url

https://security.archlinux.org/AVG-1289

reference_id

AVG-1289

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1289

reference_url	https://security.gentoo.org/glsa/202101-32
reference_id	GLSA-202101-32
reference_type
scores
url	https://security.gentoo.org/glsa/202101-32

reference_url	https://access.redhat.com/errata/RHSA-2021:4181
reference_id	RHSA-2021:4181
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4181

reference_url	https://usn.ubuntu.com/4645-1/
reference_id	USN-4645-1
reference_type
scores
url	https://usn.ubuntu.com/4645-1/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2020-28896

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-86dz-udh7-7kd5

url VCID-8mtv-crbm-m7e5

vulnerability_id VCID-8mtv-crbm-m7e5

summary Multiple mutt tempfile race conditions

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5297.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5297.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-5297

reference_id

reference_type

scores

value	0.00107
scoring_system	epss
scoring_elements	0.28941
published_at	2026-04-01T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.29016
published_at	2026-04-02T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.29066
published_at	2026-04-04T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28874
published_at	2026-04-07T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28942
published_at	2026-04-08T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28984
published_at	2026-04-09T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28988
published_at	2026-04-11T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28944
published_at	2026-04-12T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28895
published_at	2026-04-18T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28919
published_at	2026-04-16T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28848
published_at	2026-04-21T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.2873
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-5297

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=211085
reference_id	211085
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=211085

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104
reference_id	396104
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104

reference_url	https://access.redhat.com/errata/RHSA-2007:0386
reference_id	RHSA-2007:0386
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0386

reference_url	https://usn.ubuntu.com/373-1/
reference_id	USN-373-1
reference_type
scores
url	https://usn.ubuntu.com/373-1/

fixed_packages

url pkg:deb/debian/mutt@1.5.13-1.1

purl pkg:deb/debian/mutt@1.5.13-1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fu71-npm3-8bat

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-ukjn-pbdj-u3e3

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.13-1.1

aliases CVE-2006-5297

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mtv-crbm-m7e5

url VCID-bbnw-jxah-rfbh

vulnerability_id VCID-bbnw-jxah-rfbh

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14358.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14358

reference_id

reference_type

scores

value	0.01277
scoring_system	epss
scoring_elements	0.79504
published_at	2026-04-01T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79617
published_at	2026-04-24T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79552
published_at	2026-04-13T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79582
published_at	2026-04-16T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.7958
published_at	2026-04-18T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79585
published_at	2026-04-21T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.7951
published_at	2026-04-02T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79533
published_at	2026-04-04T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79519
published_at	2026-04-07T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79548
published_at	2026-04-08T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79555
published_at	2026-04-09T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.79577
published_at	2026-04-11T12:55:00Z

value	0.01277
scoring_system	epss
scoring_elements	0.7956
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485

reference_url	https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1604064
reference_id	1604064
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1604064

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14358

reference_id

CVE-2018-14358

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14358

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14358

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbnw-jxah-rfbh

url VCID-bqzg-b5zw-b3h6

vulnerability_id VCID-bqzg-b5zw-b3h6

summary

Mutt contains a buffer overflow that could result in arbitrary code
    execution.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3242.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3242.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-3242

reference_id

reference_type

scores

value	0.07538
scoring_system	epss
scoring_elements	0.91777
published_at	2026-04-01T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91786
published_at	2026-04-02T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91792
published_at	2026-04-04T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.918
published_at	2026-04-07T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91813
published_at	2026-04-08T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91819
published_at	2026-04-09T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91823
published_at	2026-04-11T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91825
published_at	2026-04-12T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91821
published_at	2026-04-13T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91841
published_at	2026-04-24T12:55:00Z

value	0.07538
scoring_system	epss
scoring_elements	0.91835
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-3242

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1618137
reference_id	1618137
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1618137

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375828
reference_id	375828
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375828

reference_url	https://security.gentoo.org/glsa/200606-27
reference_id	GLSA-200606-27
reference_type
scores
url	https://security.gentoo.org/glsa/200606-27

reference_url	https://access.redhat.com/errata/RHSA-2006:0577
reference_id	RHSA-2006:0577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0577

fixed_packages

url pkg:deb/debian/mutt@1.5.13-1.1

purl pkg:deb/debian/mutt@1.5.13-1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fu71-npm3-8bat

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-ukjn-pbdj-u3e3

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.13-1.1

aliases CVE-2006-3242

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bqzg-b5zw-b3h6

url VCID-ce8r-3je8-97bm

vulnerability_id VCID-ce8r-3je8-97bm

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14350.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14350

reference_id

reference_type

scores

value	0.03068
scoring_system	epss
scoring_elements	0.86682
published_at	2026-04-01T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86776
published_at	2026-04-24T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86744
published_at	2026-04-13T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86758
published_at	2026-04-16T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86764
published_at	2026-04-18T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.8676
published_at	2026-04-21T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86693
published_at	2026-04-02T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86712
published_at	2026-04-07T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86731
published_at	2026-04-08T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86741
published_at	2026-04-09T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86754
published_at	2026-04-11T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86751
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485

reference_url	https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	http://www.securityfocus.com/bid/104931
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104931

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1602922
reference_id	1602922
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1602922

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14350

reference_id

CVE-2018-14350

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14350

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14350

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ce8r-3je8-97bm

url VCID-d15r-ncw4-hfdh

vulnerability_id VCID-d15r-ncw4-hfdh

summary mutt: null pointer dereference

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4874.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4874

reference_id

reference_type

scores

value	0.0008
scoring_system	epss
scoring_elements	0.23798
published_at	2026-04-02T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23521
published_at	2026-04-24T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23704
published_at	2026-04-12T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23648
published_at	2026-04-13T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.2366
published_at	2026-04-16T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23652
published_at	2026-04-18T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23633
published_at	2026-04-21T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23838
published_at	2026-04-04T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23615
published_at	2026-04-07T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23684
published_at	2026-04-08T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23731
published_at	2026-04-09T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23747
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563
reference_id	1051563
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2238240
reference_id	2238240
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2238240

reference_url

https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch

reference_id

452ee330e094bfc7c9a68555e5152b1826534555.patch

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/

url

https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch

reference_url

https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch

reference_id

a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:16:03Z/

url

https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch

reference_url	https://access.redhat.com/errata/RHSA-2024:2290
reference_id	RHSA-2024:2290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2290

reference_url	https://access.redhat.com/errata/RHSA-2024:3058
reference_id	RHSA-2024:3058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3058

reference_url	https://usn.ubuntu.com/6374-1/
reference_id	USN-6374-1
reference_type
scores
url	https://usn.ubuntu.com/6374-1/

reference_url	https://usn.ubuntu.com/6374-2/
reference_id	USN-6374-2
reference_type
scores
url	https://usn.ubuntu.com/6374-2/

fixed_packages

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2023-4874

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d15r-ncw4-hfdh

url VCID-eyfx-wdun-3fhq

vulnerability_id VCID-eyfx-wdun-3fhq

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14349.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14349

reference_id

reference_type

scores

value	0.00875
scoring_system	epss
scoring_elements	0.75224
published_at	2026-04-01T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75349
published_at	2026-04-24T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75277
published_at	2026-04-13T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75316
published_at	2026-04-16T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75323
published_at	2026-04-18T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75314
published_at	2026-04-21T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75227
published_at	2026-04-02T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75259
published_at	2026-04-04T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75236
published_at	2026-04-07T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75279
published_at	2026-04-08T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75289
published_at	2026-04-09T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.7531
published_at	2026-04-11T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75288
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1

reference_url	https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1602934
reference_id	1602934
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1602934

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14349

reference_id

CVE-2018-14349

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14349

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14349

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eyfx-wdun-3fhq

url VCID-fu71-npm3-8bat

vulnerability_id VCID-fu71-npm3-8bat

summary Buffer overflow in mutt's gecos structure handling

references

reference_url	http://dev.mutt.org/trac/ticket/2885
reference_id
reference_type
scores
url	http://dev.mutt.org/trac/ticket/2885

reference_url	http://osvdb.org/34973
reference_id
reference_type
scores
url	http://osvdb.org/34973

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2683.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-2683

reference_id

reference_type

scores

value	0.00131
scoring_system	epss
scoring_elements	0.32632
published_at	2026-04-13T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.3267
published_at	2026-04-16T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32695
published_at	2026-04-09T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32697
published_at	2026-04-11T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32659
published_at	2026-04-12T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32766
published_at	2026-04-02T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32802
published_at	2026-04-04T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32623
published_at	2026-04-07T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33004
published_at	2026-04-24T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33187
published_at	2026-04-18T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.3315
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2683

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=239890

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683

reference_url	http://secunia.com/advisories/25408
reference_id
reference_type
scores
url	http://secunia.com/advisories/25408

reference_url	http://secunia.com/advisories/25515
reference_id
reference_type
scores
url	http://secunia.com/advisories/25515

reference_url	http://secunia.com/advisories/25529
reference_id
reference_type
scores
url	http://secunia.com/advisories/25529

reference_url	http://secunia.com/advisories/25546
reference_id
reference_type
scores
url	http://secunia.com/advisories/25546

reference_url	http://secunia.com/advisories/26415
reference_id
reference_type
scores
url	http://secunia.com/advisories/26415

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34441
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34441

reference_url	https://issues.rpath.com/browse/RPL-1391
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1391

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10543

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:113
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:113

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0386.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0386.html

reference_url	http://www.securityfocus.com/bid/24192
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24192

reference_url	http://www.securitytracker.com/id?1018066
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018066

reference_url	http://www.trustix.org/errata/2007/0024/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0024/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=239890
reference_id	239890
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=239890

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116
reference_id	426116
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426116

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.4.2:::::::*
reference_id	cpe:2.3:a:mutt:mutt:1.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt:1.4.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-2683

reference_id

CVE-2007-2683

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2007-2683

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt
reference_id	CVE-2007-2683;OSVDB-34973
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30093.txt

reference_url	https://www.securityfocus.com/bid/24192/info
reference_id	CVE-2007-2683;OSVDB-34973
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/24192/info

reference_url	https://access.redhat.com/errata/RHSA-2007:0386
reference_id	RHSA-2007:0386
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0386

fixed_packages

url pkg:deb/debian/mutt@1.5.18-6

purl pkg:deb/debian/mutt@1.5.18-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6

aliases CVE-2007-2683

risk_score 6.2

exploitability 2.0

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fu71-npm3-8bat

url VCID-fyys-8z34-cufn

vulnerability_id VCID-fyys-8z34-cufn

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14357.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14357

reference_id

reference_type

scores

value	0.02348
scoring_system	epss
scoring_elements	0.84812
published_at	2026-04-01T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84933
published_at	2026-04-24T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84894
published_at	2026-04-12T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84888
published_at	2026-04-13T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.8491
published_at	2026-04-18T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84908
published_at	2026-04-21T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84827
published_at	2026-04-02T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84845
published_at	2026-04-04T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84847
published_at	2026-04-07T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.8487
published_at	2026-04-08T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84877
published_at	2026-04-09T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84895
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725

reference_url	https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1602915
reference_id	1602915
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1602915

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14357

reference_id

CVE-2018-14357

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14357

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://access.redhat.com/errata/RHSA-2018:2526
reference_id	RHSA-2018:2526
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2526

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14357

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyys-8z34-cufn

url VCID-htz5-1fbu-5qfb

vulnerability_id VCID-htz5-1fbu-5qfb

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14362.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14362

reference_id

reference_type

scores

value	0.01676
scoring_system	epss
scoring_elements	0.82086
published_at	2026-04-01T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82216
published_at	2026-04-24T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.8216
published_at	2026-04-12T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82154
published_at	2026-04-13T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82192
published_at	2026-04-18T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82194
published_at	2026-04-21T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82098
published_at	2026-04-02T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82119
published_at	2026-04-04T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82115
published_at	2026-04-07T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82142
published_at	2026-04-08T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82149
published_at	2026-04-09T12:55:00Z

value	0.01676
scoring_system	epss
scoring_elements	0.82168
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e

reference_url	https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1602079
reference_id	1602079
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1602079

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14362

reference_id

CVE-2018-14362

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14362

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://access.redhat.com/errata/RHSA-2018:2526
reference_id	RHSA-2018:2526
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2526

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14362

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htz5-1fbu-5qfb

url VCID-j1v7-r585-eqeq

vulnerability_id VCID-j1v7-r585-eqeq

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14352.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14352

reference_id

reference_type

scores

value	0.03127
scoring_system	epss
scoring_elements	0.86793
published_at	2026-04-01T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86889
published_at	2026-04-24T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86849
published_at	2026-04-13T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86866
published_at	2026-04-16T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86871
published_at	2026-04-18T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86872
published_at	2026-04-21T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86804
published_at	2026-04-02T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86823
published_at	2026-04-04T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86817
published_at	2026-04-07T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86836
published_at	2026-04-08T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86845
published_at	2026-04-09T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86858
published_at	2026-04-11T12:55:00Z

value	0.03127
scoring_system	epss
scoring_elements	0.86854
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4

reference_url	https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1604034
reference_id	1604034
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1604034

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14352

reference_id

CVE-2018-14352

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14352

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14352

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1v7-r585-eqeq

url VCID-k6ud-492m-yqdp

vulnerability_id VCID-k6ud-492m-yqdp

summary

Multiple vulnerabilities have been found in Mutt and Neomutt, the
    worst of which could result in an access restriction bypass.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14154.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14154

reference_id

reference_type

scores

value	0.00692
scoring_system	epss
scoring_elements	0.71783
published_at	2026-04-01T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.7179
published_at	2026-04-02T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71809
published_at	2026-04-04T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71782
published_at	2026-04-07T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71821
published_at	2026-04-08T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71832
published_at	2026-04-09T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71857
published_at	2026-04-11T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.7184
published_at	2026-04-12T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71822
published_at	2026-04-13T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71864
published_at	2026-04-16T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71869
published_at	2026-04-18T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71852
published_at	2026-04-21T12:55:00Z

value	0.00692
scoring_system	epss
scoring_elements	0.71897
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14154

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1848287
reference_id	1848287
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1848287

reference_url	https://security.gentoo.org/glsa/202007-57
reference_id	GLSA-202007-57
reference_type
scores
url	https://security.gentoo.org/glsa/202007-57

reference_url	https://usn.ubuntu.com/4401-1/
reference_id	USN-4401-1
reference_type
scores
url	https://usn.ubuntu.com/4401-1/

fixed_packages

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2020-14154

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6ud-492m-yqdp

url VCID-nyyz-7jhc-4qd6

vulnerability_id VCID-nyyz-7jhc-4qd6

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14353.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14353

reference_id

reference_type

scores

value	0.01471
scoring_system	epss
scoring_elements	0.80872
published_at	2026-04-01T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.8099
published_at	2026-04-24T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.8093
published_at	2026-04-13T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80966
published_at	2026-04-16T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80967
published_at	2026-04-18T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80969
published_at	2026-04-21T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.8088
published_at	2026-04-02T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80903
published_at	2026-04-04T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.809
published_at	2026-04-07T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80928
published_at	2026-04-08T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80937
published_at	2026-04-09T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80953
published_at	2026-04-11T12:55:00Z

value	0.01471
scoring_system	epss
scoring_elements	0.80939
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23

reference_url	https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1604040
reference_id	1604040
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1604040

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14353

reference_id

CVE-2018-14353

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14353

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14353

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyyz-7jhc-4qd6

url VCID-rabc-wwt3-j3a3

vulnerability_id VCID-rabc-wwt3-j3a3

summary

A vulnerability in Mutt could allow remote attackers to execute
    arbitrary code or cause a Denial of Service condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0467.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0467

reference_id

reference_type

scores

value	0.01816
scoring_system	epss
scoring_elements	0.8279
published_at	2026-04-01T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82806
published_at	2026-04-02T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82819
published_at	2026-04-04T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82815
published_at	2026-04-07T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.8284
published_at	2026-04-08T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82846
published_at	2026-04-09T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82862
published_at	2026-04-11T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82857
published_at	2026-04-12T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82853
published_at	2026-04-13T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82892
published_at	2026-04-18T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82894
published_at	2026-04-21T12:55:00Z

value	0.01816
scoring_system	epss
scoring_elements	0.82915
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0467

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1075860
reference_id	1075860
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1075860

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731
reference_id	708731
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708731

reference_url	https://security.gentoo.org/glsa/201406-05
reference_id	GLSA-201406-05
reference_type
scores
url	https://security.gentoo.org/glsa/201406-05

reference_url	https://access.redhat.com/errata/RHSA-2014:0304
reference_id	RHSA-2014:0304
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0304

reference_url	https://usn.ubuntu.com/2147-1/
reference_id	USN-2147-1
reference_type
scores
url	https://usn.ubuntu.com/2147-1/

fixed_packages

url pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3

purl pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3

url pkg:deb/debian/mutt@1.5.23-3

purl pkg:deb/debian/mutt@1.5.23-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.23-3

aliases CVE-2014-0467

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rabc-wwt3-j3a3

url VCID-rhbd-qbus-ruhc

vulnerability_id VCID-rhbd-qbus-ruhc

summary

Multiple vulnerabilities have been found in Mutt and Neomutt, the
    worst of which could result in an access restriction bypass.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14093.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14093

reference_id

reference_type

scores

value	0.03861
scoring_system	epss
scoring_elements	0.88158
published_at	2026-04-01T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88166
published_at	2026-04-02T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88182
published_at	2026-04-04T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88189
published_at	2026-04-07T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88208
published_at	2026-04-08T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88214
published_at	2026-04-09T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88225
published_at	2026-04-11T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88217
published_at	2026-04-13T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.8823
published_at	2026-04-21T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88229
published_at	2026-04-18T12:55:00Z

value	0.03861
scoring_system	epss
scoring_elements	0.88248
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14093

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1848360
reference_id	1848360
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1848360

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897
reference_id	962897
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962897

reference_url	https://security.gentoo.org/glsa/202007-57
reference_id	GLSA-202007-57
reference_type
scores
url	https://security.gentoo.org/glsa/202007-57

reference_url	https://usn.ubuntu.com/4401-1/
reference_id	USN-4401-1
reference_type
scores
url	https://usn.ubuntu.com/4401-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2020-14093

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhbd-qbus-ruhc

url VCID-s7jp-h1gx-f3db

vulnerability_id VCID-s7jp-h1gx-f3db

summary mutt: null pointer dereference

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4875.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4875

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.07014
published_at	2026-04-02T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07125
published_at	2026-04-24T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07129
published_at	2026-04-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07118
published_at	2026-04-12T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07109
published_at	2026-04-13T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07028
published_at	2026-04-18T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.0716
published_at	2026-04-21T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.0707
published_at	2026-04-04T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07045
published_at	2026-04-16T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07099
published_at	2026-04-08T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07131
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4875

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4875

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563
reference_id	1051563
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2238241
reference_id	2238241
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2238241

reference_url

https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch

reference_id

452ee330e094bfc7c9a68555e5152b1826534555.patch

reference_type

scores

value	2.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/

url

https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch

reference_url

https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch

reference_id

4cc3128abdf52c615911589394a03271fddeefc6.patch

reference_type

scores

value	2.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:14:35Z/

url

https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch

reference_url	https://access.redhat.com/errata/RHSA-2024:2290
reference_id	RHSA-2024:2290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2290

reference_url	https://access.redhat.com/errata/RHSA-2024:3058
reference_id	RHSA-2024:3058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3058

reference_url	https://usn.ubuntu.com/6374-1/
reference_id	USN-6374-1
reference_type
scores
url	https://usn.ubuntu.com/6374-1/

reference_url	https://usn.ubuntu.com/6374-2/
reference_id	USN-6374-2
reference_type
scores
url	https://usn.ubuntu.com/6374-2/

fixed_packages

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2023-4875

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s7jp-h1gx-f3db

url VCID-sdgd-qstu-pudm

vulnerability_id VCID-sdgd-qstu-pudm

summary mutt: buffer overflow in uudecoder function

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1328.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1328

reference_id

reference_type

scores

value	0.00217
scoring_system	epss
scoring_elements	0.44268
published_at	2026-04-01T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.4434
published_at	2026-04-02T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44362
published_at	2026-04-04T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44299
published_at	2026-04-07T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44351
published_at	2026-04-08T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44356
published_at	2026-04-09T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44341
published_at	2026-04-13T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44397
published_at	2026-04-16T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44388
published_at	2026-04-18T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44374
published_at	2026-04-11T12:55:00Z

value	0.00217
scoring_system	epss
scoring_elements	0.44342
published_at	2026-04-12T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50609
published_at	2026-04-24T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50661
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1328

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734
reference_id	1009734
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009734

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735
reference_id	1009735
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009735

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2076058
reference_id	2076058
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2076058

reference_url	https://access.redhat.com/errata/RHSA-2022:7640
reference_id	RHSA-2022:7640
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7640

reference_url	https://access.redhat.com/errata/RHSA-2022:8219
reference_id	RHSA-2022:8219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8219

reference_url	https://usn.ubuntu.com/5392-1/
reference_id	USN-5392-1
reference_type
scores
url	https://usn.ubuntu.com/5392-1/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2022-1328

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdgd-qstu-pudm

url VCID-smyk-kg69-27ct

vulnerability_id VCID-smyk-kg69-27ct

summary Mutt 1.5.19 SSL chain verification flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1390.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1390

reference_id

reference_type

scores

value	0.00435
scoring_system	epss
scoring_elements	0.6282
published_at	2026-04-01T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62878
published_at	2026-04-02T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62908
published_at	2026-04-04T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62871
published_at	2026-04-07T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62922
published_at	2026-04-08T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62939
published_at	2026-04-09T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62957
published_at	2026-04-11T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62946
published_at	2026-04-12T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62924
published_at	2026-04-13T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62964
published_at	2026-04-16T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62971
published_at	2026-04-24T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62951
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1390

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=504979
reference_id	504979
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=504979

fixed_packages

url pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3

purl pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3

aliases CVE-2009-1390

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-smyk-kg69-27ct

url VCID-ssk5-y54s-53gk

vulnerability_id VCID-ssk5-y54s-53gk

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14363

reference_id

reference_type

scores

value	0.0022
scoring_system	epss
scoring_elements	0.44515
published_at	2026-04-24T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.4467
published_at	2026-04-18T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44601
published_at	2026-04-21T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44544
published_at	2026-04-01T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44623
published_at	2026-04-12T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44644
published_at	2026-04-04T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44582
published_at	2026-04-07T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44633
published_at	2026-04-08T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44636
published_at	2026-04-09T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44652
published_at	2026-04-11T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44624
published_at	2026-04-13T12:55:00Z

value	0.0022
scoring_system	epss
scoring_elements	0.44678
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14363

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url	https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14363

reference_id

CVE-2018-14363

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14363

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14363

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssk5-y54s-53gk

url VCID-t7kq-u427-mbd7

vulnerability_id VCID-t7kq-u427-mbd7

summary

A vulnerability in Mutt could lead to a Denial of Service
    condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3181.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3181

reference_id

reference_type

scores

value	0.02997
scoring_system	epss
scoring_elements	0.86497
published_at	2026-04-01T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86588
published_at	2026-04-24T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86578
published_at	2026-04-18T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.8657
published_at	2026-04-21T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86507
published_at	2026-04-02T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86525
published_at	2026-04-04T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86524
published_at	2026-04-07T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86544
published_at	2026-04-08T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86554
published_at	2026-04-09T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86569
published_at	2026-04-11T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86565
published_at	2026-04-12T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86558
published_at	2026-04-13T12:55:00Z

value	0.02997
scoring_system	epss
scoring_elements	0.86573
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3181

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1920446
reference_id	1920446
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1920446

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326
reference_id	980326
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980326

reference_url	https://security.archlinux.org/ASA-202101-43
reference_id	ASA-202101-43
reference_type
scores
url	https://security.archlinux.org/ASA-202101-43

reference_url

https://security.archlinux.org/AVG-1476

reference_id

AVG-1476

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1476

reference_url	https://security.gentoo.org/glsa/202101-25
reference_id	GLSA-202101-25
reference_type
scores
url	https://security.gentoo.org/glsa/202101-25

reference_url	https://access.redhat.com/errata/RHSA-2021:4181
reference_id	RHSA-2021:4181
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4181

reference_url	https://usn.ubuntu.com/4703-1/
reference_id	USN-4703-1
reference_type
scores
url	https://usn.ubuntu.com/4703-1/

fixed_packages

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2021-3181

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t7kq-u427-mbd7

url VCID-u7cd-qnpy-y3az

vulnerability_id VCID-u7cd-qnpy-y3az

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14351.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14351

reference_id

reference_type

scores

value	0.00875
scoring_system	epss
scoring_elements	0.75224
published_at	2026-04-01T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75349
published_at	2026-04-24T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75277
published_at	2026-04-13T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75316
published_at	2026-04-16T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75323
published_at	2026-04-18T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75314
published_at	2026-04-21T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75227
published_at	2026-04-02T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75259
published_at	2026-04-04T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75236
published_at	2026-04-07T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75279
published_at	2026-04-08T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75289
published_at	2026-04-09T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.7531
published_at	2026-04-11T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75288
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741

reference_url	https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1602953
reference_id	1602953
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1602953

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14351

reference_id

CVE-2018-14351

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14351

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14351

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7cd-qnpy-y3az

url VCID-u8at-7vh4-f7fe

vulnerability_id VCID-u8at-7vh4-f7fe

summary

Multiple vulnerabilities have been found in Mutt and NeoMutt, the
    worst of which allows for arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14354.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14354

reference_id

reference_type

scores

value	0.02348
scoring_system	epss
scoring_elements	0.84812
published_at	2026-04-01T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84933
published_at	2026-04-24T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84894
published_at	2026-04-12T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84888
published_at	2026-04-13T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.8491
published_at	2026-04-18T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84908
published_at	2026-04-21T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84827
published_at	2026-04-02T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84845
published_at	2026-04-04T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84847
published_at	2026-04-07T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.8487
published_at	2026-04-08T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84877
published_at	2026-04-09T12:55:00Z

value	0.02348
scoring_system	epss
scoring_elements	0.84895
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14355

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14356

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14363

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb
reference_id
reference_type
scores
url	https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb

reference_url	https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
reference_id
reference_type
scores
url	https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d

reference_url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html

reference_url	https://neomutt.org/2018/07/16/release
reference_id
reference_type
scores
url	https://neomutt.org/2018/07/16/release

reference_url	https://www.debian.org/security/2018/dsa-4277
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4277

reference_url	http://www.mutt.org/news.html
reference_id
reference_type
scores
url	http://www.mutt.org/news.html

reference_url	http://www.securityfocus.com/bid/104925
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104925

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1602069
reference_id	1602069
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1602069

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021
reference_id	904021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904021

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051
reference_id	904051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904051

reference_url

https://security.archlinux.org/AVG-740

reference_id

AVG-740

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-740

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::
reference_id	cpe:2.3:a:neomutt:neomutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:neomutt:neomutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14354

reference_id

CVE-2018-14354

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14354

reference_url	https://security.gentoo.org/glsa/201810-07
reference_id	GLSA-201810-07
reference_type
scores
url	https://security.gentoo.org/glsa/201810-07

reference_url	https://access.redhat.com/errata/RHSA-2018:2526
reference_id	RHSA-2018:2526
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2526

reference_url	https://usn.ubuntu.com/3719-1/
reference_id	USN-3719-1
reference_type
scores
url	https://usn.ubuntu.com/3719-1/

reference_url	https://usn.ubuntu.com/3719-2/
reference_id	USN-3719-2
reference_type
scores
url	https://usn.ubuntu.com/3719-2/

reference_url	https://usn.ubuntu.com/3719-3/
reference_id	USN-3719-3
reference_type
scores
url	https://usn.ubuntu.com/3719-3/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

aliases CVE-2018-14354

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8at-7vh4-f7fe

url VCID-uh2u-tyhx-jqey

vulnerability_id VCID-uh2u-tyhx-jqey

summary mutt: SSL host name check may be skipped when verifying certificate chain

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1429.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-1429

reference_id

reference_type

scores

value	0.00245
scoring_system	epss
scoring_elements	0.47752
published_at	2026-04-24T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47701
published_at	2026-04-01T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47738
published_at	2026-04-02T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47758
published_at	2026-04-09T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47708
published_at	2026-04-07T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47762
published_at	2026-04-08T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47783
published_at	2026-04-11T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.4776
published_at	2026-04-12T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.4777
published_at	2026-04-13T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47825
published_at	2026-04-16T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47817
published_at	2026-04-18T12:55:00Z

value	0.00245
scoring_system	epss
scoring_elements	0.47769
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1429

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1429

reference_url	http://seclists.org/fulldisclosure/2011/Mar/87
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2011/Mar/87

reference_url	http://secunia.com/advisories/44937
reference_id
reference_type
scores
url	http://secunia.com/advisories/44937

reference_url	http://securityreason.com/securityalert/8143
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/8143

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66015
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/66015

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0959.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0959.html

reference_url	http://www.securityfocus.com/bid/46803
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/46803

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216
reference_id	619216
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619216

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=688755
reference_id	688755
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=688755

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-1429

reference_id

CVE-2011-1429

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2011-1429

reference_url	https://access.redhat.com/errata/RHSA-2011:0959
reference_id	RHSA-2011:0959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0959

reference_url	https://usn.ubuntu.com/1221-1/
reference_id	USN-1221-1
reference_type
scores
url	https://usn.ubuntu.com/1221-1/

fixed_packages

url pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3

purl pkg:deb/debian/mutt@1.5.21-6.2%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.21-6.2%252Bdeb7u3

aliases CVE-2011-1429

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uh2u-tyhx-jqey

url VCID-ukjn-pbdj-u3e3

vulnerability_id VCID-ukjn-pbdj-u3e3

summary

Multiple vulnerabilities have been reported in Mozilla Firefox,
    Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted
    arbitrary remote code execution.

references

reference_url	ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
reference_id
reference_type
scores
url	ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc

reference_url	http://balsa.gnome.org/download.html
reference_id
reference_type
scores
url	http://balsa.gnome.org/download.html

reference_url	http://docs.info.apple.com/article.html?artnum=305530
reference_id
reference_type
scores
url	http://docs.info.apple.com/article.html?artnum=305530

reference_url	http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt
reference_id
reference_type
scores
url	http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579

reference_url	http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2007/May/msg00004.html

reference_url	http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html
reference_id
reference_type
scores
url	http://mail.gnome.org/archives/balsa-list/2007-July/msg00000.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1558.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-1558

reference_id

reference_type

scores

value	0.1342
scoring_system	epss
scoring_elements	0.94219
published_at	2026-04-24T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94154
published_at	2026-04-01T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94211
published_at	2026-04-16T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94216
published_at	2026-04-21T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94163
published_at	2026-04-02T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94175
published_at	2026-04-04T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94177
published_at	2026-04-07T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94187
published_at	2026-04-08T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94191
published_at	2026-04-09T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94195
published_at	2026-04-12T12:55:00Z

value	0.1342
scoring_system	epss
scoring_elements	0.94196
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-1558

reference_url	http://secunia.com/advisories/25353
reference_id
reference_type
scores
url	http://secunia.com/advisories/25353

reference_url	http://secunia.com/advisories/25402
reference_id
reference_type
scores
url	http://secunia.com/advisories/25402

reference_url	http://secunia.com/advisories/25476
reference_id
reference_type
scores
url	http://secunia.com/advisories/25476

reference_url	http://secunia.com/advisories/25496
reference_id
reference_type
scores
url	http://secunia.com/advisories/25496

reference_url	http://secunia.com/advisories/25529
reference_id
reference_type
scores
url	http://secunia.com/advisories/25529

reference_url	http://secunia.com/advisories/25534
reference_id
reference_type
scores
url	http://secunia.com/advisories/25534

reference_url	http://secunia.com/advisories/25546
reference_id
reference_type
scores
url	http://secunia.com/advisories/25546

reference_url	http://secunia.com/advisories/25559
reference_id
reference_type
scores
url	http://secunia.com/advisories/25559

reference_url	http://secunia.com/advisories/25664
reference_id
reference_type
scores
url	http://secunia.com/advisories/25664

reference_url	http://secunia.com/advisories/25750
reference_id
reference_type
scores
url	http://secunia.com/advisories/25750

reference_url	http://secunia.com/advisories/25798
reference_id
reference_type
scores
url	http://secunia.com/advisories/25798

reference_url	http://secunia.com/advisories/25858
reference_id
reference_type
scores
url	http://secunia.com/advisories/25858

reference_url	http://secunia.com/advisories/25894
reference_id
reference_type
scores
url	http://secunia.com/advisories/25894

reference_url	http://secunia.com/advisories/26083
reference_id
reference_type
scores
url	http://secunia.com/advisories/26083

reference_url	http://secunia.com/advisories/26415
reference_id
reference_type
scores
url	http://secunia.com/advisories/26415

reference_url	http://secunia.com/advisories/35699
reference_id
reference_type
scores
url	http://secunia.com/advisories/35699

reference_url	http://security.gentoo.org/glsa/glsa-200706-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200706-06.xml

reference_url	https://issues.rpath.com/browse/RPL-1231
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1231

reference_url	https://issues.rpath.com/browse/RPL-1232
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1232

reference_url	https://issues.rpath.com/browse/RPL-1424
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1424

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.571857

reference_url	http://sourceforge.net/forum/forum.php?forum_id=683706
reference_id
reference_type
scores
url	http://sourceforge.net/forum/forum.php?forum_id=683706

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9782

reference_url	http://sylpheed.sraoss.jp/en/news.html
reference_id
reference_type
scores
url	http://sylpheed.sraoss.jp/en/news.html

reference_url	http://www.claws-mail.org/news.php
reference_id
reference_type
scores
url	http://www.claws-mail.org/news.php

reference_url	http://www.debian.org/security/2007/dsa-1300
reference_id
reference_type
scores
url	http://www.debian.org/security/2007/dsa-1300

reference_url	http://www.debian.org/security/2007/dsa-1305
reference_id
reference_type
scores
url	http://www.debian.org/security/2007/dsa-1305

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:105
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:105

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:107
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:107

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:113
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:113

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:119
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:119

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:131
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:131

reference_url	http://www.mozilla.org/security/announce/2007/mfsa2007-15.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2007/mfsa2007-15.html

reference_url	http://www.novell.com/linux/security/advisories/2007_14_sr.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_14_sr.html

reference_url	http://www.novell.com/linux/security/advisories/2007_36_mozilla.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_36_mozilla.html

reference_url	http://www.openwall.com/lists/oss-security/2009/08/15/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2009/08/15/1

reference_url	http://www.openwall.com/lists/oss-security/2009/08/18/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2009/08/18/1

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0344.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0344.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0353.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0353.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0385.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0385.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0386.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0386.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0401.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0401.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0402.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0402.html

reference_url	http://www.redhat.com/support/errata/RHSA-2009-1140.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2009-1140.html

reference_url	http://www.securityfocus.com/archive/1/464477/30/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/464477/30/0/threaded

reference_url	http://www.securityfocus.com/archive/1/464569/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/464569/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/470172/100/200/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/470172/100/200/threaded

reference_url	http://www.securityfocus.com/archive/1/471455/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/471455/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/471720/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/471720/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/471842/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/471842/100/0/threaded

reference_url	http://www.securityfocus.com/bid/23257
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/23257

reference_url	http://www.securitytracker.com/id?1018008
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018008

reference_url	http://www.trustix.org/errata/2007/0019/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0019/

reference_url	http://www.trustix.org/errata/2007/0024/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0024/

reference_url	http://www.ubuntu.com/usn/usn-469-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-469-1

reference_url	http://www.ubuntu.com/usn/usn-520-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-520-1

reference_url	http://www.us-cert.gov/cas/techalerts/TA07-151A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA07-151A.html

reference_url	http://www.vupen.com/english/advisories/2007/1466
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1466

reference_url	http://www.vupen.com/english/advisories/2007/1467
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1467

reference_url	http://www.vupen.com/english/advisories/2007/1468
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1468

reference_url	http://www.vupen.com/english/advisories/2007/1480
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1480

reference_url	http://www.vupen.com/english/advisories/2007/1939
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1939

reference_url	http://www.vupen.com/english/advisories/2007/1994
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1994

reference_url	http://www.vupen.com/english/advisories/2007/2788
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2788

reference_url	http://www.vupen.com/english/advisories/2008/0082
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0082

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=241191
reference_id	241191
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=241191

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol::::::::
reference_id	cpe:2.3:a:apop_protocol:apop_protocol::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apop_protocol:apop_protocol::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
reference_id	CVE-2007-1558
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-1558

reference_id

CVE-2007-1558

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2007-1558

reference_url	https://security.gentoo.org/glsa/200706-06
reference_id	GLSA-200706-06
reference_type
scores
url	https://security.gentoo.org/glsa/200706-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2007-15

reference_id

mfsa2007-15

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2007-15

reference_url	https://access.redhat.com/errata/RHSA-2007:0344
reference_id	RHSA-2007:0344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0344

reference_url	https://access.redhat.com/errata/RHSA-2007:0353
reference_id	RHSA-2007:0353
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0353

reference_url	https://access.redhat.com/errata/RHSA-2007:0385
reference_id	RHSA-2007:0385
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0385

reference_url	https://access.redhat.com/errata/RHSA-2007:0386
reference_id	RHSA-2007:0386
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0386

reference_url	https://access.redhat.com/errata/RHSA-2007:0401
reference_id	RHSA-2007:0401
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0401

reference_url	https://access.redhat.com/errata/RHSA-2007:0402
reference_id	RHSA-2007:0402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0402

reference_url	https://access.redhat.com/errata/RHSA-2009:1140
reference_id	RHSA-2009:1140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1140

reference_url	https://usn.ubuntu.com/469-1/
reference_id	USN-469-1
reference_type
scores
url	https://usn.ubuntu.com/469-1/

reference_url	https://usn.ubuntu.com/520-1/
reference_id	USN-520-1
reference_type
scores
url	https://usn.ubuntu.com/520-1/

fixed_packages

url pkg:deb/debian/mutt@1.5.18-6

purl pkg:deb/debian/mutt@1.5.18-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.18-6

aliases CVE-2007-1558

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukjn-pbdj-u3e3

url VCID-yeqc-es13-3ffr

vulnerability_id VCID-yeqc-es13-3ffr

summary The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and safe_fopen function calls.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5298.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5298.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-5298

reference_id

reference_type

scores

value	0.0006
scoring_system	epss
scoring_elements	0.18745
published_at	2026-04-01T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18881
published_at	2026-04-02T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18934
published_at	2026-04-04T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18657
published_at	2026-04-07T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18736
published_at	2026-04-08T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.1879
published_at	2026-04-09T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18795
published_at	2026-04-11T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18748
published_at	2026-04-12T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18698
published_at	2026-04-13T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18647
published_at	2026-04-16T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18658
published_at	2026-04-18T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18677
published_at	2026-04-21T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18569
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-5298

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104
reference_id	396104
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396104

reference_url	https://usn.ubuntu.com/373-1/
reference_id	USN-373-1
reference_type
scores
url	https://usn.ubuntu.com/373-1/

fixed_packages

url pkg:deb/debian/mutt@1.5.13-1.1

purl pkg:deb/debian/mutt@1.5.13-1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fu71-npm3-8bat

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-ukjn-pbdj-u3e3

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.13-1.1

aliases CVE-2006-5298

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yeqc-es13-3ffr

url VCID-yvgu-yg5k-z3ff

vulnerability_id VCID-yvgu-yg5k-z3ff

summary

Multiple vulnerabilities have been found in Mutt and Neomutt, the
    worst of which could result in an access restriction bypass.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14954.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14954

reference_id

reference_type

scores

value	0.05784
scoring_system	epss
scoring_elements	0.90453
published_at	2026-04-01T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90457
published_at	2026-04-02T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90469
published_at	2026-04-04T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90474
published_at	2026-04-07T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90487
published_at	2026-04-08T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90493
published_at	2026-04-09T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.905
published_at	2026-04-12T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90494
published_at	2026-04-13T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90511
published_at	2026-04-18T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.9051
published_at	2026-04-21T12:55:00Z

value	0.05784
scoring_system	epss
scoring_elements	0.90522
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14093

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14954

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1850170
reference_id	1850170
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1850170

reference_url	https://security.gentoo.org/glsa/202007-57
reference_id	GLSA-202007-57
reference_type
scores
url	https://security.gentoo.org/glsa/202007-57

reference_url	https://usn.ubuntu.com/4403-1/
reference_id	USN-4403-1
reference_type
scores
url	https://usn.ubuntu.com/4403-1/

reference_url	https://usn.ubuntu.com/7204-1/
reference_id	USN-7204-1
reference_type
scores
url	https://usn.ubuntu.com/7204-1/

fixed_packages

url pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

purl pkg:deb/debian/mutt@1.7.2-1%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.7.2-1%252Bdeb9u3

url pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

purl pkg:deb/debian/mutt@1.10.1-2.1%2Bdeb10u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.10.1-2.1%252Bdeb10u6

url	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
purl	pkg:deb/debian/mutt@2.0.5-4.1%2Bdeb11u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@2.0.5-4.1%252Bdeb11u3

aliases CVE-2020-14954

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yvgu-yg5k-z3ff

url VCID-zecc-x23b-akcf

vulnerability_id VCID-zecc-x23b-akcf

summary mutt: denial of service via a series of requests to temporary files

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2351.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2351

reference_id

reference_type

scores

value	0.00132
scoring_system	epss
scoring_elements	0.32733
published_at	2026-04-01T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32568
published_at	2026-04-24T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32749
published_at	2026-04-18T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.3272
published_at	2026-04-21T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32864
published_at	2026-04-02T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32899
published_at	2026-04-04T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32719
published_at	2026-04-07T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32767
published_at	2026-04-08T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32794
published_at	2026-04-09T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32795
published_at	2026-04-11T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32758
published_at	2026-04-12T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32732
published_at	2026-04-13T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32773
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2351

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2351

reference_url	https://security-tracker.debian.org/tracker/CVE-2005-2351
reference_id
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2005-2351

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1768449
reference_id	1768449
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1768449

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::
reference_id	cpe:2.3:a:mutt:mutt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mutt:mutt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2351

reference_id

CVE-2005-2351

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2351

fixed_packages

url pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3

purl pkg:deb/debian/mutt@1.5.20-9%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-yvgu-yg5k-z3ff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.20-9%252Bsqueeze3

aliases CVE-2005-2351

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zecc-x23b-akcf

Fixing_vulnerabilities

url VCID-8azh-711b-xuap

vulnerability_id VCID-8azh-711b-xuap

summary Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-0167

reference_id

reference_type

scores

value	0.00931
scoring_system	epss
scoring_elements	0.76036
published_at	2026-04-01T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76039
published_at	2026-04-02T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76071
published_at	2026-04-04T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76051
published_at	2026-04-07T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76084
published_at	2026-04-08T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76098
published_at	2026-04-09T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76123
published_at	2026-04-11T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.761
published_at	2026-04-12T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76097
published_at	2026-04-13T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76138
published_at	2026-04-16T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76141
published_at	2026-04-18T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76125
published_at	2026-04-21T12:55:00Z

value	0.00931
scoring_system	epss
scoring_elements	0.76164
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-0167

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0167
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0167

fixed_packages

url pkg:deb/debian/mutt@1.5.9-2sarge2

purl pkg:deb/debian/mutt@1.5.9-2sarge2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-8mtv-crbm-m7e5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-bqzg-b5zw-b3h6

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fu71-npm3-8bat

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-ukjn-pbdj-u3e3

vulnerability	VCID-yeqc-es13-3ffr

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.9-2sarge2

aliases CVE-2003-0167

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8azh-711b-xuap

url VCID-cmnb-dqq9-n3gt

vulnerability_id VCID-cmnb-dqq9-n3gt

summary security flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0078.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0078.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-0078

reference_id

reference_type

scores

value	0.05662
scoring_system	epss
scoring_elements	0.90336
published_at	2026-04-01T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90338
published_at	2026-04-02T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.9035
published_at	2026-04-04T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90354
published_at	2026-04-07T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90367
published_at	2026-04-08T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90374
published_at	2026-04-09T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90382
published_at	2026-04-12T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90376
published_at	2026-04-13T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90391
published_at	2026-04-18T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90388
published_at	2026-04-21T12:55:00Z

value	0.05662
scoring_system	epss
scoring_elements	0.90403
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-0078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0078

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617139
reference_id	1617139
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617139

reference_url	https://access.redhat.com/errata/RHSA-2004:050
reference_id	RHSA-2004:050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:050

reference_url	https://access.redhat.com/errata/RHSA-2004:051
reference_id	RHSA-2004:051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:051

fixed_packages

url pkg:deb/debian/mutt@1.5.9-2sarge2

purl pkg:deb/debian/mutt@1.5.9-2sarge2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-8mtv-crbm-m7e5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-bqzg-b5zw-b3h6

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fu71-npm3-8bat

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-ukjn-pbdj-u3e3

vulnerability	VCID-yeqc-es13-3ffr

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.9-2sarge2

aliases CVE-2004-0078

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cmnb-dqq9-n3gt

url VCID-p54u-k5vg-kqgs

vulnerability_id VCID-p54u-k5vg-kqgs

summary security flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0140.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0140.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-0140

reference_id

reference_type

scores

value	0.02182
scoring_system	epss
scoring_elements	0.8429
published_at	2026-04-01T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84303
published_at	2026-04-02T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84323
published_at	2026-04-04T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84324
published_at	2026-04-07T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84346
published_at	2026-04-08T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84351
published_at	2026-04-09T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84369
published_at	2026-04-11T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84362
published_at	2026-04-12T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84358
published_at	2026-04-13T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.8438
published_at	2026-04-16T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84381
published_at	2026-04-18T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.84384
published_at	2026-04-21T12:55:00Z

value	0.02182
scoring_system	epss
scoring_elements	0.8441
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-0140

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0140
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0140

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616983
reference_id	1616983
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616983

reference_url	https://access.redhat.com/errata/RHSA-2003:109
reference_id	RHSA-2003:109
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:109

reference_url	https://access.redhat.com/errata/RHSA-2003:111
reference_id	RHSA-2003:111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:111

fixed_packages

url pkg:deb/debian/mutt@1.5.9-2sarge2

purl pkg:deb/debian/mutt@1.5.9-2sarge2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jga-eah6-6bhb

vulnerability	VCID-45b7-9f4d-ryac

vulnerability	VCID-4hym-sx7t-qbh1

vulnerability	VCID-4zbn-7d8g-5bgx

vulnerability	VCID-4zs7-nyzq-zydh

vulnerability	VCID-5dxq-th2e-eke5

vulnerability	VCID-7f9n-6yxm-zuhu

vulnerability	VCID-86dz-udh7-7kd5

vulnerability	VCID-8mtv-crbm-m7e5

vulnerability	VCID-bbnw-jxah-rfbh

vulnerability	VCID-bqzg-b5zw-b3h6

vulnerability	VCID-ce8r-3je8-97bm

vulnerability	VCID-d15r-ncw4-hfdh

vulnerability	VCID-eyfx-wdun-3fhq

vulnerability	VCID-fu71-npm3-8bat

vulnerability	VCID-fyys-8z34-cufn

vulnerability	VCID-htz5-1fbu-5qfb

vulnerability	VCID-j1v7-r585-eqeq

vulnerability	VCID-k6ud-492m-yqdp

vulnerability	VCID-nyyz-7jhc-4qd6

vulnerability	VCID-rabc-wwt3-j3a3

vulnerability	VCID-rhbd-qbus-ruhc

vulnerability	VCID-s7jp-h1gx-f3db

vulnerability	VCID-sdgd-qstu-pudm

vulnerability	VCID-smyk-kg69-27ct

vulnerability	VCID-ssk5-y54s-53gk

vulnerability	VCID-t7kq-u427-mbd7

vulnerability	VCID-u7cd-qnpy-y3az

vulnerability	VCID-u8at-7vh4-f7fe

vulnerability	VCID-uh2u-tyhx-jqey

vulnerability	VCID-ukjn-pbdj-u3e3

vulnerability	VCID-yeqc-es13-3ffr

vulnerability	VCID-yvgu-yg5k-z3ff

vulnerability	VCID-zecc-x23b-akcf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.9-2sarge2

aliases CVE-2003-0140

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p54u-k5vg-kqgs

Risk_score 6.2

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mutt@1.5.9-2sarge2

Package Instance